I am looking for an infosec position in the DC Metro area or South Florida.

My most recent position is Sr. Engineer in support of managed security
services. My greatest proficiency is with Checkpoint Firewall-1 and the
Nokia IP platform, to include reverse engineering their files for process
automation and value-add services. I am proficient in data mining of log
files and complex packet-level troubleshooting, and I can apply this to
Intrusion Detection platforms such as Snort. Besides serving as the lead
technical escalation for managed firewalls, I continually work with
management towards improving efficiency and level of service. Prior to this,
I worked in CACI's Information Assurance department, providing infosec
consulting, assessments and technical documents to commercial and government
clients.

Please see my resume below.


Sincerely,

Eric J. Bragger
[EMAIL PROTECTED]

____________________________________________________________________________

                         Eric John Bragger (CCSA/CCSE)
                            [EMAIL PROTECTED]
____________________________________________________________________________

167 Crossbow Ln.                                       Phone: (301) 963-3525
Gaithersburg, MD 20878                                   Fax: (301) 924-9337
____________________________________________________________________________

OBJECTIVE

  To support excellence in the field of information security by combining
  broad technical ability and continuous research with initiative,
  creativity, strong verbal/written communication skills and business
  proficiency.

____________________________________________________________________________

POSITIONS HELD

  Sr. Engineer III, IP Security
  Engineer II, IP Security
  Systems Security Analyst I
____________________________________________________________________________

INFORMATION TECHNOLOGY

- CHECKPOINT FIREWALL-1
---
     ADMINISTRATION      Provider-1 - Standalone - Field Firewalls
                         High Availability - Gateway Clusters

     VPNs                ISAKMP (IKE) - IPSEC - FWZ - SKIP - PPTP Tunneling

     SECURECLIENT        IKE - FWZ - UDP Encapsulation - IKE over TCP
                         IP Pooling - Single / Multiple Entry Points

     NAT                 Internal-to-Internal (Dual Hide) - Multi-Interface
                         NAT of Inbound VPNs - NAT of Inbound SecureClient

     AUTHENTICATION      User, Client, Session - RADIUS - LDAP - S/Key - IKE

     RESOURCES/PROXIES   Kernel URL Logging - UFP - CVP - Connect Control
                         HTTP, SMTP, FTP Security Servers

     CRASH FORENSICS     "ELG" Analysis - Core Analysis
                         Daemon Stats - Module Debug

     AUDITING            Rulebase Security Audits - Log Audits
                         Integration - Performance Tuning

     REVERSE ENGINEERING Rulebases (compiled/uncompiled) - Objects File

- NOKIA IP APPLIANCE / IPSO OPERATING SYSTEM
---
     ADMINISTRATION      Voyager Configuration
                         High-Availability (VRRP Monitored Circuits)

     ADVANCED ADMIN.     "iclid" - "ipsctl" - "ipsofwd"
                         Firewall Flows - Performance Tuning

     CRASH FORENSICS     Core Analysis - Module Memory Usage
                         Subsystem Health (CPU/Disk/Memory)

     REVERSE ENGINEERING IPSO Database

- NETWORKING
---
     GENERAL SKILLS      Security Analysis - Segmentation - Architecture
                         Testing - Routing - Switching

     TROUBLESHOOTING     Packet Sniffing/Decode (tcpdump, snoop, Ethereal)
                         Session Analysis - Route Verification

     PROTOCOLS           IP - TCP - UDP - ICMP - ESP - IPX - GRE - NetBIOS

- INFORMATION SECURITY
---
     GENERAL SKILLS      Assessment - Penetration - Fortification
                         Network Mapping - Functional & Performance Testing
                         Technical Writing - War Dialing - OS Hardening

     ENCRYPTION          SSH - PKI (PGP) - RSA Keys - DES/3DES
                         ISAKMP - IPsec - FWZ - SKIP

- TICKETING SYSTEMS
---
     DESIGN              Interface - Logic - Field Elements - Metrics
                         Relational Database Structure

- SOFTWARE
---
     FIREWALLS           Checkpoint FW-1 v4.0-4.1 - Axent Raptor 5-6.0
                         Cisco PIX - NAI Gauntlet 4.2-5

     SCRIPTING           sh / bash (Bourne Shell) - Parsing
                         Regular Expressions - HTML

     OPERATING SYSTEMS   Nokia IPSO - Solaris - Linux - BSD - SunOS
                         Digital Unix - IBM AIX - XWindows environments
                         Windows NT/98/95/3.1 - OS/2 2.1-3.0 - DOS

     SECURITY TOOLS      ISS Internet Scanner 5-6.x - NAI CyberCop Scanner
                         Satan - Saint - Sara - Nessus - COPS
                         Snort - TripWire - ToneLOC - TCP Wrappers

     PRODUCTIVITY        Microsoft Office 95-2000:
                           Word - Excel - Outlook - Powerpoint - Frontpage
                         Microsoft Project - Webtrends - Visio 4.0-2000
                         Wordperfect 4.2-8.0 - Lotus 123

     E-MAIL              Outlook - Pine - Lotus Notes 4.x - Eudora Pro

     GRAPHICS            Adobe Photoshop 3.0-6.0 - Bryce - 3D Studio 3.0-Max
____________________________________________________________________________

WORK EXPERIENCE

2001-Present   SR. ENGINEER III, IP SECURITY
               Allegiance Telecom / Intermedia Business Internet
                 Security Management Center
     -    Serving as lead engineer for managed firewalls in the field.
          On-call escalation point for 2nd and other 3rd tier engineers.
          Principal coordinator of vendor support. Daily contact with
          domestic and international customers, to include government
          agencies.
     -    Created a script that inputs an IP address portion and displays
          the objects and NATs that match it, in addition to the groups
          those objects are in. Handles infinite nested groups.
     -    Designed the structure, interface and article templates for a
          flexible, enterprise-class knowledgebase. Authored the majority
          of its articles.
     -    Developed requirements for ticketing system migration from Cold
          Fusion to Remedy. Revised and re-organized ticket categories in
          support of data mining and metrics.

2000-2001      SR. ENGINEER III, IP SECURITY
               Intermedia Business Internet
                 Security Management Center
     -    Served as 3rd-Tier engineer for managed firewalls in the field.
          On-call escalation point for 2nd-Tier engineers. Daily contact
          with domestic and international customers, to include government
          agencies.
     -    Reverse-engineered significant portions of the Checkpoint rulebase
          files, Checkpoint objects file and Nokia IPSO database. Applied
          this knowledge to automated scripts and day-to-day operations.
     -    Designed a major overhaul to the structure and interface of a Cold
          Fusion-based ticketing system in support of efficiency and
          metrics. This included HTML prototypes of schemas and a complex
          logical diagram created in Visio 2000.
     -    Authored official procedures for topics such as crash forensics
          and troubleshooting.
     -    Informed Checkpoint of a deficiency with their workaround to the
          RDP tunneling vulnerability and escalated within Checkpoint until
          a proper patch was released.
     -    Maintained a list of documented and undocumented bugs in
Checkpoint
          Firewall-1 and the Nokia IPSO operating system.
     -    Wrote a script to automatically diagnose discrepancies between
          firewalls in a high-availability configuration and verify proper
          settings.

1999-2000      ENGINEER II, IP SECURITY
               Intermedia Business Internet / Digex
                 Security Management Center
     -    Served as 2nd-Tier engineer for managed firewalls in Digex server
          farms and in the field. Escalation point for 1st-Tier engineers.
          Daily contact with domestic and international customers, to
          include government agencies.
     -    Principal contributor in executive-level meetings with the
          Director of Product Management, the Manager of Security Products
          Sales and the VP of Business Process Solutions.
     -    One of three employees selected to participate in a revision of
          internal processes and job requirements. Designed changes to the
          internal ticketing system in support of these revisions.
     -    Created a modular scripting system which logs into a list of
          firewalls and runs commands. Each script module can contain
          settings that offer highly customized execution.
     -    Created a script that automates incremental backups of files each
          time they are modified.
     -    Maintained monthly firewall licenses on approximately 300
          firewalls. Negotiated with Checkpoint for a less-restrictive,
          6-month license.

1998-1999      SYSTEMS SECURITY ANALYST I
               CACI Inc.
                 Information Assurance Dept.
     -    Created the department's benchmark technical proposal for security
          assessment contracts.
     -    Responsible for project timeline creation, client interaction,
          strategic planning, technical analysis and documentation for a
          long-term Navy network reconfiguration.
     -    Conducted a comprehensive assessment of the features and technical
          aspects of thirteen major Intrusion Detection Systems.
     -    Composed a document combining load analysis, network simulation
          and firewall implementation procedures for a Navy client. This
          document received commendation from the client.
     -    Responsible for the installation, configuration and accreditation
          of a mission-critical firewall.
     -    Created comprehensive configuration documents for conversion from
          a Checkpoint firewall to a proxy-based Raptor firewall, to include
          hardening the Solaris operating system.
     -    Technical lead for a quarterly County network assessment that
          included external/internal vulnerability analyses, analog phone
          scanning, threat monitoring and custom reporting.
     -    Evaluated the security and utility of a distributed networking
          infrastructure for a mission-critical, international deployment
          of satellite communications.
     -    Performed a comprehensive sector analysis of a foreign
          government's technology incubator program.
____________________________________________________________________________

CERTIFICATIONS / TRAINING

2001      Checkpoint Certified Security Administrator  (CCSA)
          Checkpoint Certified Security Expert         (CCSE)

2000      Nokia IP Security and High-Availability Training
          Checkpoint CP2000 Training
          Axent NetProwler IDS Training

1999      ISS Certified for Internet Scanner and SafeSuite Products
          CACI Inc. Certified in Project Management
____________________________________________________________________________

EDUCATION

1994-1998 University of Florida                              Gainesville, FL
            BBA in Management, Warrington College of Business Administration

Reply via email to